Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/Oj0IQYPYdahBjjAm02OCXsS8NrQ.roa
File: Oj0IQYPYdahBjjAm02OCXsS8NrQ.roa (raw, json)
Hash identifier: Q3ByELkNyI/RbA3eLnVIFSPV0AltLQADVi+fCBonmYI=
Subject key identifier: 3A:3D:08:41:83:D8:75:A8:41:8E:30:26:D3:63:82:5E:C4:BC:36:B4
Certificate issuer: /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial: 430B
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access: rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Oj0IQYPYdahBjjAm02OCXsS8NrQ.roa
Signing time: Sat 12 Feb 2022 00:30:07 +0000
ROA not before: Sat 12 Feb 2022 00:30:07 +0000
ROA not after: Sun 01 Jan 2023 01:01:02 +0000
asID: 47065
IP address blocks: 147.28.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17163 (0x430b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Validity
Not Before: Feb 12 00:30:07 2022 GMT
Not After : Jan 1 01:01:02 2023 GMT
Subject: CN=3A3D084183D875A8418E3026D363825EC4BC36B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:32:a4:5d:be:65:0e:75:e3:8a:19:44:48:aa:
4f:ed:d2:14:53:82:fd:66:87:b6:5f:6e:b1:92:f6:
e0:3d:e6:92:a8:7b:27:86:fe:65:65:6f:c9:69:84:
c6:ca:a4:4b:7e:3d:8a:ae:55:47:62:24:28:d7:6b:
e9:43:e4:50:c2:49:4f:52:8d:dd:ba:c2:29:ae:46:
fa:57:3b:8d:36:82:e3:f6:aa:42:94:fa:b2:a7:9d:
f4:2d:6c:8b:c7:ec:69:83:db:b9:0a:f0:14:b6:6a:
89:c5:b0:fa:0a:91:6c:9b:3a:a1:18:96:6b:ca:77:
de:0c:95:59:df:a2:5d:d1:6d:65:75:f0:05:06:fa:
ef:71:a0:12:15:6d:35:a7:b8:60:cd:05:6b:d9:0a:
45:2f:ff:f1:3b:32:8a:56:11:5c:33:e8:0e:96:b7:
78:f4:ba:40:81:77:6c:6d:c5:07:c4:d6:b8:1e:f5:
e4:61:f1:42:38:15:ba:c0:96:f7:ed:d7:89:fa:1e:
cc:8f:33:cd:af:45:b3:25:94:35:3a:2b:76:e5:5c:
ef:57:5b:46:0e:4f:34:a4:a0:57:27:e0:7e:de:7f:
6c:23:55:3d:57:16:cc:c1:85:4d:1d:ad:50:d4:85:
7d:4e:f7:e1:9e:9b:ba:f8:96:3d:49:44:56:3f:c7:
30:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:3D:08:41:83:D8:75:A8:41:8E:30:26:D3:63:82:5E:C4:BC:36:B4
X509v3 Authority Key Identifier:
keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl
Authority Information Access:
CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/Oj0IQYPYdahBjjAm02OCXsS8NrQ.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.3.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:8f:5d:dd:06:7a:77:2e:49:c1:18:73:51:af:44:54:52:9e:
aa:8a:18:00:f1:d8:6c:09:a9:1b:74:08:66:b9:7c:75:ce:22:
a0:bd:f8:1f:39:a9:6b:06:58:3b:13:53:a6:b3:ca:3e:b2:c4:
d5:a1:18:6e:ea:e6:be:92:d4:12:c5:12:94:60:9a:32:88:99:
27:d5:d9:32:b8:d2:6b:0f:19:64:79:2d:7c:87:3e:bb:72:01:
13:ad:01:39:7d:7d:c8:f0:a1:4b:fa:c9:af:ea:cf:02:b2:71:
81:ff:8d:b7:bb:11:b2:f8:49:bb:94:8f:c7:ea:4c:a6:12:74:
7f:8a:20:ed:a8:30:32:f6:54:14:10:c7:4a:c7:16:6f:57:cc:
2b:9e:fb:2c:47:55:91:40:ed:b1:4e:ed:b7:24:74:6f:56:8c:
af:69:c7:d5:1a:24:db:26:2c:6a:df:b6:bd:8f:cd:a3:9a:a1:
7d:93:2b:06:b9:fc:db:3c:a8:db:95:a0:8e:7c:a1:7c:6f:a4:
bd:5c:ce:c3:90:3a:b3:f1:33:01:e9:00:18:90:48:f8:21:0e:
31:b5:85:f0:79:2d:73:8b:9f:f8:e7:f6:39:59:b1:17:df:27:
7f:f3:8a:4f:67:0d:04:fb:75:cc:07:e2:ad:70:4b:54:ee:b2:
c7:4e:f8:f3
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQwswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMTIw
MDMwMDdaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDNBM0QwODQxODNEODc1
QTg0MThFMzAyNkQzNjM4MjVFQzRCQzM2QjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqMqRdvmUOdeOKGURIqk/t0hRTgv1mh7ZfbrGS9uA95pKoeyeG
/mVlb8lphMbKpEt+PYquVUdiJCjXa+lD5FDCSU9Sjd26wimuRvpXO402guP2qkKU
+rKnnfQtbIvH7GmD27kK8BS2aonFsPoKkWybOqEYlmvKd94MlVnfol3RbWV18AUG
+u9xoBIVbTWnuGDNBWvZCkUv//E7MopWEVwz6A6Wt3j0ukCBd2xtxQfE1rge9eRh
8UI4FbrAlvft14n6HsyPM82vRbMllDU6K3blXO9XW0YOTzSkoFcn4H7ef2wjVT1X
FszBhU0drVDUhX1O9+Gem7r4lj1JRFY/xzDlAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUOj0IQYPYdahBjjAm02OCXsS8NrQwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9PajBJUVlQWWRhaEJqakFtMDJPQ1hzUzhOclEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AKuPXd0GencuScEYc1GvRFRSnqqKGADx2GwJqRt0CGa5fHXOIqC9+B85qWsGWDsT
U6azyj6yxNWhGG7q5r6S1BLFEpRgmjKImSfV2TK40msPGWR5LXyHPrtyAROtATl9
fcjwoUv6ya/qzwKycYH/jbe7EbL4SbuUj8fqTKYSdH+KIO2oMDL2VBQQx0rHFm9X
zCue+yxHVZFA7bFO7bckdG9WjK9px9UaJNsmLGrftr2PzaOaoX2TKwa5/Ns8qNuV
oI58oXxvpL1czsOQOrPxMwHpABiQSPghDjG1hfB5LXOLn/jn9jlZsRffJ3/zik9n
DQT7dcwH4q1wS1TussdO+PM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org